Discovery and security in LWA communication

ABSTRACT

During a communication technique, an access point provides a message that includes one or more public land mobile network identifiers of one or more cellular-telephone networks that are supported by the access point. Then, an electronic device, which received the message, provides a candidate list specifying one or more access points that support communication with a cellular telephone network to a radio node that is associated with this cellular-telephone network. By communicating with a wireless-local-area-network (WLAN) controller, the radio node validates the one or more access points, and selects a target access point based on performance feedback from the WLAN controller. Next, the radio node instructs the electronic device to associate with the target access point. Moreover, the radio node and the target access point establish a secure-communication pathway, which allows the radio node to communicate data to the electronic device via the access point using an LTE Wi-Fi aggregation protocol.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation of U.S. application Ser. No.16/217,131, filed Dec. 12, 2018, which is a continuation of U.S.application Ser. No. 14/986,508, filed Dec. 31, 2015 (now U.S. Pat. No.10,194,379), which claims the benefit of U.S. Provisional ApplicationNo. 62/201,843, filed Aug. 6, 2015, the contents of each of which areherein incorporated by reference.

FIELD

The described embodiments relate to techniques for communicatinginformation among electronic devices, including communicating datainformation from a cellular-telephone network via a wireless local areanetwork.

BACKGROUND

Many electronic devices are capable of wirelessly communicating withother electronic devices. For example, these electronic devices caninclude a networking subsystem that implements a network interface for:a cellular network (UMTS, LTE, etc.), a wireless local area network(e.g., a wireless network such as described in the Institute ofElectrical and Electronics Engineers (IEEE) 802.11 standard or Bluetoothfrom the Bluetooth Special Interest Group of Kirkland, Wash.), and/oranother type of wireless network.

While many electronic devices communicate with each other via largenetworks owned by a network operator, it is often difficult tocommunicate via a cellular-telephone network, e.g., in high density orcrowded environments. In particular, in crowded environments the networkperformance (such as the block error rate and the capacity) of thecellular-telephone network can be degraded. Moreover, there are oftenconstraints on the number of cellular-telephone towers. Consequently, itcan be difficult for the operator of the cellular-telephone network toimprove the quality of their service e.g., in crowded environments.

SUMMARY

The described embodiments relate to an access point that establishescommunication with an electronic device and a radio node (such as aneNode-B) in a cellular-telephone network. This access point includes: anantenna connector or node (which may be connected to an antenna), and aninterface circuit that communicates with the electronic device, theradio node, and a wireless-local-area-network (WLAN) controller. Duringoperation, the access point provides messages that include one or morepublic land mobile network (PLMN) identifiers of one or morecellular-telephone networks that are supported by the access point.Then, the access point receives information specifying the radio nodefrom the WLAN controller. Moreover, the access point establishes asecure-communication pathway (such as a tunnel) with the radio nodebased on the information, where the secure-communication pathway takesdata associated with frames for a cellular-telephone communicationprotocol (such as Long Term Evolution or LTE) and encapsulates the datain frames for an IEEE 802.11 communication protocol. Next, the accesspoint associates with the electronic device. Furthermore, the accesspoint receives the data for the electronic device from the radio nodevia the secure-communication pathway, and provides the data to theelectronic device using the IEEE 802.11 communication protocol.

Another embodiment provides the radio node. This radio node includes: anantenna connector or node (which may be connected to an antenna), and aninterface circuit that communicates with the electronic device, theaccess point, and the WLAN controller. During operation, the radio nodereceives, from the electronic device, a candidate list with informationspecifying the one or more access points, which support communicationwith the cellular-telephone network that is associated with the radionode. Then, the radio node validates the one or more access points withthe WLAN controller. Moreover, the radio node receives, from the WLANcontroller, network addresses of the one or more access points andperformance feedback about the one or more access points. Next, theradio node selects a target access point from the one or more accesspoints based on the performance feedback. Furthermore, the radio nodeset ups the secure-communication pathway with the target access pointusing a network address, where the secure-communication pathway takesdata associated with frames for the LTE communication protocol andencapsulates the data in frames for the IEEE 802.11 communicationprotocol. Additionally, the radio node instructs the electronic deviceto associate with the target access point, and provides the data for theelectronic device to the target access point via thesecure-communication pathway.

In some embodiments, during operation, the interface circuit providesadditional data to the electronic device using the LTE communicationprotocol.

Another embodiment provides the electronic device. This electronicdevice includes: an antenna connector or node (which may be connected toan antenna), and an interface circuit that communicates with the radionode, the access point, and the WLAN controller. During operation, theelectronic device discovers the access point by receiving one or moremessages from the access point that include the one or more PLMNidentifiers of one or more cellular-telephone networks, including atleast the cellular-telephone network associated with the radio node,that are supported by the access point. Then, the electronic deviceprovides the candidate list to the radio node with the informationspecifying the access point. Moreover, the electronic device receivesthe instruction from the radio node to associate with the access point.Next, the electronic device receives data from the radio node via theaccess point using the IEEE 802.11 communication protocol.

In some embodiments, during operation, the interface circuit receivesadditional data from the radio node using the LTE communicationprotocol. Moreover, during operation, the interface circuit mayaggregate the data and the additional data into LTE datagrams.

Another embodiment provides the WLAN controller. This WLAN controllerincludes: a connector or node (which may be connected to a network), andan interface circuit that communicates with the radio node and theaccess point. During operation, the WLAN controller receives, from theradio node, information specifying one or more access points. Then, theWLAN controller accesses the network addresses of the one or more accesspoints and the performance feedback about the one or more access points(such as a priority list of access points based on the performancefeedback). Moreover, the WLAN controller provides the network addressesand the performance feedback to the radio node. Next, the WLANcontroller provides additional information specifying the radio node tothe one or more access points, where the network addresses, theperformance feedback and the additional information facilitateestablishment of the secure-communication pathway between the radio nodeand one or more of the one or more access points.

Note that the communication may be via the Internet and/or a wirelessnetwork.

Another embodiment provides a computer-program product for use with theaccess point, the electronic device, the radio node and/or the WLANcontroller. This computer-program product includes instructions for atleast some of the operations performed by the access point, theelectronic device, the radio node and/or the WLAN controller.

Another embodiment provides a method. This method includes at least someof the operations performed by the access point, the electronic device,the radio node and/or the WLAN controller.

This Summary is provided merely for purposes of illustrating someexemplary embodiments, so as to provide a basic understanding of someaspects of the subject matter described herein. Accordingly, it will beappreciated that the above-described features are merely examples andshould not be construed to narrow the scope or spirit of the subjectmatter described herein in any way. Other features, aspects, andadvantages of the subject matter described herein will become apparentfrom the following Detailed Description, Figures, and Claims.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 is a block diagram illustrating electronic devices wirelesslycommunicating in accordance with an embodiment of the presentdisclosure.

FIG. 2 is a block diagram illustrating Long Term Evolution Wi-Fiaggregation (LWA) registration and provisioning between the radio nodeand the electronic device in FIG. 1 in accordance with an embodiment ofthe present disclosure.

FIG. 3 is a block diagram illustrating LWA-wireless local area network(WLAN) discovery and selection between the access point and theelectronic device in FIG. 1 in accordance with an embodiment of thepresent disclosure.

FIG. 4 is a block diagram illustrating LWA-WLAN authentication andencryption among the electronic devices in FIG. 1 in accordance with anembodiment of the present disclosure.

FIG. 5 is a block diagram illustrating electronic devices wirelesslycommunicating in accordance with an embodiment of the presentdisclosure.

FIG. 6 is a flow diagram illustrating a method for establishingcommunication with an electronic device and a cellular-telephone networkin accordance with an embodiment of the present disclosure.

FIG. 7 is a drawing illustrating communication among the electronicdevices in FIG. 1 in accordance with an embodiment of the presentdisclosure.

FIG. 8 is a flow diagram illustrating a method for establishingcommunication with an electronic device and a cellular-telephone networkin accordance with an embodiment of the present disclosure.

FIG. 9 is a drawing illustrating communication among the electronicdevices in FIG. 5 in accordance with an embodiment of the presentdisclosure.

FIG. 10 is a block diagram illustrating an electronic device inaccordance with an embodiment of the present disclosure.

Table 1 provides an example of the performance feedback that iscommunicated between the access point and the radio node in FIG. 1 inaccordance with an embodiment of the present disclosure.

Note that like reference numerals refer to corresponding partsthroughout the drawings. Moreover, multiple instances of the same partare designated by a common prefix separated from an instance number by adash.

DETAILED DESCRIPTION

A communication technique for establishing communication among an accesspoint, an electronic device, and a radio node in a cellular-telephonenetwork is described. In this communication technique, the access pointprovides a message that includes one or more public land mobile network(PLMN) identifiers of one or more cellular-telephone networks that aresupported by the access point. Then, an electronic device, whichreceived the message, provides a candidate list specifying one or moreaccess points that support communication with a cellular telephonenetwork to a radio node (such as an eNode-B) that is associated withthis cellular-telephone network. By communicating with awireless-local-area-network (WLAN) controller, the radio node validatesthe one or more access points, and receives network addresses of the oneor more access points and performance feedback about the one or moreaccess points. Using the performance feedback, the radio node selects atarget access point from the one or more access points. Next, the radionode instructs the electronic device to associate with the target accesspoint. Moreover, the WLAN controller provides additional informationspecifying the radio node to the target access point. Furthermore, theradio node and the target access point establish a secure-communicationpathway, which allows the radio node to communicate data for theelectronic device, which is associated with frames for a Long TermEvolution (LTE) communication protocol, in frames for an IEEE 802.11communication protocol. This may allow the radio node and the accesspoint to perform load or traffic balancing with the electronic devicevia the secure-communication pathway.

Note that the WLAN controller functions may be performed by a singleWLAN controller, a distributed WLAN controller, a virtual WLANcontroller or any other such configuration that suffices to manage theone or more access points. Moreover, embodiments of the disclosure arenot limited to LTE and could easily be extended to any cellularprotocol.

The communication technique may provide a more secure approach forestablishing the communication among the access point, the electronicdevice and the radio node. Moreover, the communication technique mayallow the access point to support multiple cellular-telephone networks.Furthermore, the communication technique may leverage existingcommunication protocols, so the access point, the electronic deviceand/or the radio node may not need to be modified to implement thecommunication technique. Consequently, by facilitating improved and moresecure communication with the electronic device, the communicationtechnique may increase customer satisfaction and loyalty.

A cellular-telephone network may include base stations (and associatedcell towers) that implement so-called ‘macrocells.’ These macrocells mayfacilitate communication with hundreds of users (such as hundreds ofcellular telephones) over distances of kilometers. In general, thepositioning of the cell towers (and the antennas) is carefully designedand optimized to maximize the performance of the cellular-telephonenetwork (such as the throughput, the capacity, the block error rate,etc.) and to reduce crosstalk or interference between the signalstransmitted by different cell towers and/or different macrocells. Smallcells are generally radio access nodes providing lower power thanmacrocells and therefore providing smaller coverage areas thanmacrocells. It is common to subcategorize ‘small cells’ even further byascribing relative general ranges. For example, a ‘macrocell’ on acampus might have a range of less than 2 kilometers, a “picocell” in asmall office less than 200 meters, and a ‘femtocell’ in a home on theorder of 10 meters. These descriptions are for general relativecomparison purposes and should not be limiting on the scope of theembodiments of the inventions.

However, there are often gaps in the coverage offered by macrocells.Consequently, some users operate local transceivers that provideshort-range communication in the cellular-telephone network. Theseso-called ‘femto cells’ provide short-range communication (e.g., up to10 m) for a few individuals.

In addition, larger organizations (such as those with 50-60 users) mayoperate local transceivers that provide communication in thecellular-telephone network over a range of 100 m. Thisintermediate-range coverage in the cellular-telephone network can betypically referred to as a ‘small cell’ as well.

One challenge for operators of cellular-telephone networks ismaintaining network performance and quality. For example, it may bedifficult to maintain the network performance and the quality of servicein high density or crowded environments. While the use of femto cellsand/or small cells can mitigate this challenge, there are still oftencircumstances where the network performance and quality of acellular-telephone network is degraded.

In principle, access points in wireless local area networks (WLANs)offer a potential solution to this challenge. In particular, largenumbers of access points are typically available in high density orcrowded environments (such as offices), thereby providing availablenetwork infrastructure through which a cellular-telephone network canconvey or piggyback packets. In practice, this approach poses a varietyof additional challenges in terms of scaling (e.g., to large numbers ofaccess points and/or electronic devices), discovery, security, andperformance. These challenges are addressed in the communicationtechnique described below.

In the discussion that follows, Long Term Evolution or LTE (from the 3rdGeneration Partnership Project of Sophia Antipolis, Valbonne, France) isused as an illustration of a data communication protocol in acellular-telephone network and IEEE 802.11 (which is sometimes referredto as ‘Wi-Fi’ from the Wi-Fi Alliance of Austin, Tex.) is used as anillustration of a communication protocol in a WLAN. For example, thecommunication technique may include protocols for integrating LTEcommunications over Wi-Fi links such as contemplated in the LTE Wi-Fiaggregation (LWA) protocol being developed. However, a wide variety ofcommunication techniques or protocols may be used. In order to implementthe communication technique, note that changes may be needed in: userequipment (such as cellular telephones), access points, and eNode-Bs oreNBs (which are sometimes referred to as ‘radio nodes’).

FIG. 1 presents a block diagram illustrating wireless communicationamong electronic devices according to some embodiments. In particular,radio node 110 can communicate LTE data frames or packets using LTE withan electronic device 112 (which is sometimes referred to as ‘userequipment’ or UE, such as a cellular telephone and, more generally, aportable electronic device). Based on performance feedback (such asfeedback about the LTE and/or Wi-Fi link quality, a quality of serviceand/or one or more performance metrics, e.g., the network capacity, thenetwork state, etc.), radio node 110 may also communicate (via wirelessor wired communication) LTE data frames or packets to an access point114 (AP) via an interface, such as an Xw interface (and, more generally,an interface that is similar to X2 or a general packet radio servicetunneling protocol, such as GTP-U) that encapsulates the LTE packet dataconvergence protocol (PDCP) datagrams into IEEE 802.11 media accesscontrol (MAC) frames. (Although described in the context of Xw, other orfuture interfaces could be used, i.e., another interface or protocol forcommunicating between radio node 110 and access point 114.) For example,the tunnel between radio node 110 and access point 114 may strip theheaders off the LTE PDCP datagrams, which may then be included in theIEEE 802.11 MAC frames. (More generally, a tunnel may take data in oneprotocol, encapsulate it and place it into another protocol.)

Then, access point 114 may communicate these IEEE 802.11 frames orpackets to electronic device 112 (which supports dual connectivity andpacket data convergence protocol aggregation) using Wi-Fi. Next,electronic device 112 may aggregate or re-concatenate the two sources ofdata frames or packets (i.e., from radio node 110 and access point 114)back into an LTE data stream with LTE PDCP datagrams. (Alternatively, inother embodiments communication protocols such as Bluetooth and/or anInternet-of-Things communication protocol are used.) Note that thecommunication of data between radio node 110 and access point 114, andthen from access point 114 to electronic device 112 may beunidirectional or bidirectional.

However, this approach poses some challenges. In particular, it may bedifficult for radio node 110 to discover access point 114 and/or toprovide security. For example, many current proposals for LWA-WLANdiscovery and selection are based upon the provisioning of a static WLANservice set identifier (SSID) to electronic device 112 by radio node 110during the LTE registration process. The Wi-Fi connection manager onelectronic device 112 may then look for Wi-Fi access points includingthis SSID in their beacon and/or probe response frames. Once electronicdevice 112 detects the provisioned SSID in a beacon or a probe response,it may proceed to associate with and attempt to authenticate to thatWLAN.

Moreover, many current proposals LWA-WLAN authentication and encryptionare based on one of two approaches. A first proposed approach uses IEEE802.1x authentication with an extensible authentication protocol (suchas EAP-SIM, EAP-AKA and/or EAP-AKA′), in which a credential with acellular-telephone network (which is sometimes referred to as a‘cellular credential’) of electronic device 112 (such as a subscriberidentity module or SIM, or a universal subscriber identity module orUSIM) is used to authenticate the session back to the LWA home networkoperator's or cellular-telephone carrier's home subscriber server (HSS)or home location register (HLR) via a remote authentication dial-in userservice (RADIUS) protocol or messaging. Alternatively, in a secondproposed approach, a dynamic pre-shared key (dPSK) is provisioned toelectronic device 112 by radio node 110 during the LTE registrationprocess, and this dPSK is then used for Wi-Fi protected access-2 (WPA-2)personal authentication and encryption.

However, the proposal to use a static SSID for LWA-WLAN discovery andselection and/or the proposal to use a dPSK for LWA-WLAN authenticationand encryption may not be consistent with the latest advances in carrierand enterprise WLAN systems. Moreover, dPSK (even with an eNB key orKeNB derivation) may be open to relatively easy abuse and disruption.

In order to address these problems, a communication technique may use anaccess network query protocol (ANAP) information element in an IEEE802.11u/Hotspot 2.0 communication protocol (from the Wi-Fi Alliance ofAustin, Tex.) to perform the LWA-WLAN discovery and selection. In thediscussion that follows, the information element is referred to as anLWA_PLMN′ element, where PLMN refers to a public land mobile networkthat identifies a cellular-telephone network. (Thus, it is sufficientthat the LWA_PLMN may be an identifier of a cellular-telephone network.)Note that Hotspot 2.0, release 2, provides enhanced security via robustauthentication and encryption, including the use of a public keyinfrastructure (PKI) to validate the Wi-Fi infrastructure components.

As described further below with reference to FIG. 2 , the LWA_PLMNelement may be provisioned to electronic device 112 by radio node 110during the LTE registration process. This provisioning may or may notoccur with user intervention. The LWA_PLMN element may also beprovisioned on the Wi-Fi infrastructure(s) that will be used for LWAservices (in lieu of defining a new static SSID), such as access point114 (FIG. 1 ). Then, as described further below with reference to FIG. 3, when electronic device 112 comes in range of access point 114advertising support for a communication protocol (such as Hotspot 2.0)in its beacon and/or probe response frames, electronic device 112 mayformulate an ANQP query (either directed or general) in order toascertain whether access point 114 supports LWA services for the homenetwork operator or the carrier of the cellular-telephone network ofelectronic device 112. (However, a different communication protocol thanANQP may be used to provide the query.)

As described further below with reference to FIG. 4 , in response to theANQP query, access point 114 may communicate with authentication server122 (such as a home subscriber server or HSS, or home location registeror HLR) via RADIUS messaging to authenticate electronic device 112. Inparticular, if there is a match between the LWA_PLMN element provisionedto electronic device 112, and the LWA_PLMN element provisioned to, andbeing advertised by, access point 114, electronic device 112 mayassociate with access point 114 and may authenticate using EAP-SIM,EAP-AKA and/or EAP-AKA′ depending upon the type of cellular credentialit possesses.

This communication technique may be more secure than the existingproposals. In particular, dPSK may require that the Wi-Fi infrastructureplay an active role in authenticating electronic device 112 to accesspoint 114. For example, the dPSK value may need to be configured on theWi-Fi infrastructure. In contrast, with IEEE 802.11x and EAP-SIM,EAP-AKA and/or EAP-AKA′ the Wi-Fi infrastructure plays a passive role inauthenticating electronic device 112 to access point 114. (As describedfurther below, the mobile network operator authentication, authorizationand accounting and the HLR/HSS may perform the actual authentication.)Thus, the IEEE 802.1x approach used in the communication technique maybe more secure. Moreover, Wi-Fi radio access network partners can useexisting Hotspot 2.0 WLANs, which can be enabled for LWA operation byadvertising the LWA_PLMN(s) elements via ANQP. Furthermore, a singleHotspot 2.0 access point can support multiple LWA LTE partners, such asdifferent cellular-telephone networks.

We now further describe the communication technique. FIG. 2 presents ablock diagram illustrating LWA registration and provisioning betweenradio node 110 and electronic device 112 according to some embodiments.In particular, radio node 110 may communicate with an evolved packetcore (EPC) 116 using an S1 interface to mobile management entity (WE)118 and/or serving gateway/packet data network gateway (S/PGT) 120.(Although described in the context of S1, other or future interfacescould be used, i.e., an interface or protocol for communicating betweenradio node 110 and mobile management entity 118 and/or servinggateway/packet data network gateway 120.) Moreover, during the LTEregistration, radio node 110 may provision the LWA_PLMN element value ofa cellular-telephone network to electronic device 112. For example, theLWA_PLMN element value may be conveyed by wireless signals 128-3.Moreover, electronic device 112 may store the LWA_PLMN element forsubsequent use in Hotspot 2.0 discovery and selection. For example, theLWA_PLMN element may be stored in a Wi-Fi connection manager, such as incache 210.

As shown in FIG. 3 , which presents a block diagram illustratingLWA-WLAN discovery and selection between access point 114 and electronicdevice 112 according to some embodiments, in order to facilitatediscovery of access point 114 by electronic device 112, the beaconsbroadcast by access point 114 and/or probe responses provided by accesspoint 114 may include or advertise support for a communication protocol,such as Hotspot 2.0 and/or one or more LWA protocols (e.g., by includingan LWA-capability indicator in the beacons and/or the probe responses).In response, electronic device 112 may send an ANQP query for theLWA_PLMN element(s) supported on access point 114. Then, access point114 may send, via ANQP, a capability list with the supported LWA_PLMNelement(s).

Electronic device 112 may compare its cached LWA_PLMN element value(s)from the LTE provisioning process with the LWA_PLMN element(s) returnedby access point 114. If there is a match between the LWA_PLMN elementvalues, electronic device 112 may associate with access point 114.Alternatively, if the LWA_PLMN element values do not match, electronicdevice 112 may not associate.

In some embodiments, in order to facilitate discovery of access point114 by electronic device 112, the beacons broadcast by access point 114may include an LWA-capability indicator and/or a list of the LWA_PLMNelement(s) for one or more cellular-telephone networks (such as PLMN x)supported by access point 114. This information may allow electronicdevice 112 to determine that a cellular-telephone network associatedwith carrier or network x is supported by access point 114 (i.e., it isan LWA-capable Wi-Fi network) without requiring electronic device 112 toprovide the ANQP query.

In addition to cellular-telephone networks, the LWA_PLMN elements may beused to indicate that access point 114 supports services or capabilitiesvia one or more networks that are different than cellular-telephonenetworks associated with cellular-telephone carriers. In particular, oneor more of the LWA_PLMN elements may be used to advertise a small-cellnetwork (which is sometimes referred to as an ‘LTE neutral-hostnetwork’) that may be hosted by an entity (such as a company or anenterprise) that is other than a network operator or acellular-telephone carrier. For example, such a small-cell network mayhave a corresponding LWA_PLMN element, which, if it is supported, may beincluded in the beacons broadcast by access point 114. Alternatively asmall-cell network may have multiple associated LWA_PLMN identifiersthat indicate networks that it supports.

Note that, by using the communication technique, the dependence on theservice set identifier (SSID) of a particular WLAN network may beremoved (in general, there may be multiple SSIDs associated with a givenaccess point, such as access point 114). Instead, it may allow supportfor the one or more cellular-telephone networks to be indicated.

After associating with access point 114, electronic device 112 mayattempt to authenticate with the cellular-telephone network. This isshown in FIG. 4 , which presents a block diagram illustrating LWA-WLANauthentication and encryption among electronic device 112, access point114 and authentication server 122 according to some embodiments. Inparticular, after associating with access point 114, electronic device112 may attempt to authenticate using IEEE 802.11x using its cellularcredential (e.g., via EAP-SIM, EAP-AKA and/or EAP-AKA′). In response toreceiving such an authentication message, access point 114 may forwardthe authentication request to authentication server (AS) 122 using aRADIUS protocol over a wired (such as Ethernet) and/or a wirelessconnection. Note that authentication server 122 may be the home networkoperator's HLR/HSS, which may be accessed via a home authentication,authorization and accounting gateway.

Authentication server 122 may perform validation of the cellularcredential of electronic device 112. If the authentication issuccessful, an acceptance or an access-accept message may be returnedvia RADIUS to access point 114 along with information used to generatedynamic encryption keys for the Wi-Fi session between electronic device112 and access point 114. In response, access point 114 may provide theinformation to electronic device 112 and/or may use the information togenerate an encryption key for use by access point 114 during the Wi-Fisession. In some embodiments, access point 114 uses the information togenerate an encryption key for use by electronic device 112, whichaccess point 114 provides to electronic device 112.

Referring back to FIG. 1 , electronic device 112 and/or evolved packetcore 118 may communicate information specifying access point 114 toradio node 110. In response, radio node 110 may set up a tunnel (and,more generally, a secure-communication pathway) with access point 114.

Subsequently, in conjunction with radio node 110, access point 114 mayprovide traffic or load balancing during LWA communication withelectronic device 112. In particular, in order to facilitate the trafficor load balancing during the LWA communication with electronic device112, radio node 110 may communicate (via wireless or wiredcommunication) control information and data with access point 114 usingthe Xw interface. For example, the control information may becommunicated using stream control transmission protocol (SCTP) and thedata may be communicated using GTP-U. Note that the control messages maysignal the binding between the tunnel endpoint identifiers (TEID) and aMAC address of electronic device 112. This communication may include anidentifier of the cellular-telephone network, such as a public landmobile network (PLMN) identifier. For example, radio node 110 may beincluded in PLMN x, where x can represent a particular network. As notedpreviously, during the traffic or load balancing, radio node 110 mayforward LTE data to access point 114 for communication to electronicdevice 112 via IEEE 802.11.

Additionally, as noted previously, in order to facilitate transmissionscheduling and/or load balancing by radio node 110, electronic device112 and/or access point 114 may provide performance feedback about theLTE communication and/or the Wi-Fi communication to radio node 110. Inparticular, electronic device 112 may send measurement reports (and,more generally, performance feedback) to radio node 110 for a currentconnection with access point 114. In some embodiments, radio node 110optionally obtains measurement reports (and, more generally, performancefeedback) directly from access point 114. Based on the performancefeedback, radio node 110 may select a desired target access point (whichmay no longer be access point 114), and radio node 110 may directelectronic device 112 to associate with this target access point. Notethat this capability may be in contrast with the normal approach used inWi-Fi, in which electronic device 112 decides the access point that itwants to connect to or associate with.

Table 1 presents an exemplary LWA message report format according tosome embodiments. Note that if all stations are disassociated, the MACaddress is set to broadcast address and the status field is set todisconnect. Moreover, the RSSI may be the moving average ofacknowledge-RSSI over the last N-samples because the LWA-WLAN uplinkpackets may be infrequent. Furthermore, the packet error rate may bedefined as the ratio of dropped packets to the number of transmitattempts. Packets that are dropped between the Ethernet interface andingress into the wireless interface may not be accounted for in thepacket error rate, and the queue delay may be a moving average of thetime taken to transmit a packet (including the queuing, schedulingand/or retransmit time). Additionally, the access time may be the timetaken to access the channel after the packet has been placed into thehardware queue. This access time may exclude the transmission time ofthe packet. In some embodiments, the access time is a moving averageover a window.

TABLE 1 Field Length (Bytes) Information Number of stations 2 Number ofstations being reported MAC address 6 Wi-Fi MAC address of theelectronic device Status 1 Connected/Disconnected Received signal 1 −127to 127 dB strength indicator (RSSI) Number of wireless 1 Number ofqueues being mobility management reported for station (WMM) reports WMMqueue identifier 1 0 = Background, 1 = Best effort, 2 = Video, 3 = VoicePacket error rate 1 Ratio of dropped packets to good packets transmittedsince last report Queue delay 2 Since last report in milliseconds Accesstime 2 Time to gain access to the channel (microseconds)

In some embodiments, at least some of the operations performed by accesspoint 114 in the preceding discussion are performed by an optional WLANcontroller (WLC) 124.

Alternatively, another approach to discovery and security may be used.In particular, instead of provisioning electronic device 112 using radionode 110 during the LTE registration process, and then authenticatingvia authentication server 122, the discovery and security may befacilitated by WLAN controller 124. This is shown in FIG. 5 , whichpresents a block diagram illustrating wireless communication amongelectronic devices according to some embodiments. In FIG. 5 , accesspoint 114 may advertise support for one or more cellular-telephonenetworks by including one or more PLMN identifiers in messages (such asbeacons) that are broadcast by access point 114. (While PLMN identifiersare used as an illustration, other identifiers of the one or morecellular-telephone networks may be used. In addition, in someembodiments access point 114 includes a vendor extension informationelement with the one or more PLMN indicators in beacons and proberesponses.) Electronic device 112 may receive one of these messages,thereby discovering access point 114. Moreover, electronic device 112may receive additional messages from one or more access points 512.

Then, electronic device 112 may provide a candidate list to radio node110 with information (such as basic service set identifiers or BSSIDs)specifying access point 114 and/or the one or more access points 512that support communication with the cellular-telephone network that isassociated with radio node 110. (In some embodiments, the messagesinclude access-point loading status along with the one or more PLMNs tohelp electronic device 112 and/or radio node 110 in sorting outpotential candidate access points.)

After receiving the candidate list, as a security measure radio node 110may communicate with WLAN controller 124 via network 510 (such as awireless network and/or a wired network, e.g., an intranet and/or theInternet) to validate access point 114 and/or the one or more accesspoints 512 with WLAN controller 124. In particular, radio node 110 mayprovide information (such as the BSSIDs) specifying access point 114and/or the one or more access points 512 to WLAN controller 124. Notethat the communication between radio node 110 and WLAN controller 124may use a Xw interface (and, more generally, an interface having thesame or similar functionality, i.e., an interface or protocol forcommunicating between radio node 110 and WLAN controller 124).

In response, WLAN controller 124 may access a stored network address(such as an Internet address) of access point 114 (if access point 114is an approved access point) and performance feedback about access point114. In some embodiments, WLAN controller 124 communicates with EPC 116(FIG. 1 ) via the Xw interface (however, other interfaces may be used).Moreover, WLAN controller 124 may provide the network address and theperformance feedback (such as that shown in Table 1 and, more generally,a channel measurement report) to radio node 110. Next, WLAN controller124 may provide additional information specifying radio node 110 (suchas an identifier of radio node 110) to access point 114.

Radio node 110 and access point 114 may, respectively, receive thenetwork address and the performance feedback, and the additionalinformation. In response, radio node 110 may set up asecure-communication pathway (such as a GTP-U tunnel) with access point114 using the network address, and access point 114 may establish thesecure-communication pathway with radio node 110 based on the additionalinformation. As described previously, the secure-communication pathwaymay take data associated with frames for the LTE communication protocoland may encapsulate the data in frames for the IEEE 802.11 communicationprotocol.

Additionally, radio node 110 may instruct electronic device 112 toassociate with access point 114. As noted previously, this approach isdifferent from the usual one in which electronic device 112 initiatesassociation. In response, electronic device 112 may associate withaccess point 114, thereby establishing a Wi-Fi connection betweenelectronic device 112 and access point 114.

Subsequently, radio node 110 can communicate LTE data frames or packetsusing LTE with an electronic device 112 and, based on the performancefeedback, radio node 110 may also communicate LTE data frames or packetsto access point 114 via the interface, such as the Xw interface (and,more generally, an interface that is similar to X2 or a general packetradio service tunneling protocol, such as GTP-U, which provides thesecure-communication pathway between radio node 110 and access point114), that encapsulates the LTE PDCP datagrams into IEEE 802.11 MACframes. Moreover, access point 114 may communicate these IEEE 802.11frames or packets to electronic device 112 using Wi-Fi, electronicdevice 112 may aggregate or re-concatenate the two sources of dataframes or packets back into the LTE data stream with LTE PDCP datagrams.

In some embodiments, WLAN controller 124 provides, to radio node 110,network addresses of multiple access points (such as access points 114and the one or more access points 512) and performance feedback aboutthe multiple access points. Next, radio node 110 may select a desired ortarget access point (such as access point 114) from the multiple accesspoints based on the performance feedback. This selection may beperformed dynamically during communication with electronic device 112 asthe performance feedback subsequently received from electronic device112, access point 114, the one or more access points 512 and/or WLANcontroller 124 changes. For example, access point 114 may send theperformance feedback information directly to radio node 110 orindirectly via WLAN controller 124. Thus, at different times, radio node110 may decide to handover the Wi-Fi communication from one access pointto another access point, i.e., radio node 110 may use different accesspoints for traffic or load balancing during LWA communication withelectronic device 112.

Note that such a handoff may be mediated or facilitated by WLANcontroller 124 or may be performed independently of WLAN controller 124.For example, electronic device 112 may send measurement reports (and,more generally, performance feedback) to radio node 110 for a currentconnection access point (such as access point 114) plus one or morepotential handover target access points. Moreover, radio node 110 mayobtain measurement reports (and, more generally, performance feedback)for the one or more target access points from WLAN controller 124. Insome embodiments, radio node 110 optionally obtains measurement reports(and, more generally, performance feedback) directly from the one ormore target access points. Then, radio node 110 may select a desiredtarget access point and may direct electronic device 112 to associatewith this target access point. Next, radio node 110 may forward LTE datato the new target access point for communication to electronic device112 using LWA communication protocol.

In some embodiments, the performance feedback is included in aconsolidated report that includes one or more electronic devices (suchas electronic device 112) and/or one or more access points (such asaccess point 114). This report may be sent for: associations,re-associations, disconnections, and/or threshold crossing for queuestatus, access time and queue delay. Note that the consolidated reportmay be communicated periodically via a configurable time period (inseconds).

In general, the wireless communication in FIGS. 1 and 5 may becharacterized by a variety of performance metrics, such as: a data ratefor successful communication (which is sometimes referred to as a‘throughput’), an error rate (such as a retry or resend rate), amean-square error of equalized signals relative to an equalizationtarget, intersymbol interference, multipath interference, asignal-to-noise ratio, a width of an eye pattern, a ratio of number ofbytes successfully communicated during a time interval (such as 1-10 s)to an estimated maximum number of bytes that can be communicated in thetime interval (the latter of which is sometimes referred to as the‘capacity’ of a communication channel or link), and/or a ratio of anactual data rate to an estimated data rate (which is sometimes referredto as ‘utilization’).

During the communication in FIGS. 1 and 5 , radio node 110, electronicdevice 112 and/or access point 114 may wirelessly communicate while:transmitting advertising frames on wireless channels, detecting oneanother by scanning wireless channels, establishing connections (forexample, by transmitting association requests), and/or transmitting andreceiving frames that include packets (which may include the associationrequests and/or additional information as payloads).

As described further below with reference to FIG. 10 , radio node 110,electronic device 112 and access point 114 may include subsystems, suchas a networking subsystem, a memory subsystem and a processor subsystem.In addition, radio node 110, electronic device 112 and access point 114may include radios 126 in the networking subsystems. More generally,radio node 110, electronic device 112 and access point 114 can include(or can be included within) any electronic devices with the networkingsubsystems that enable radio node 110, electronic device 112 and accesspoint 114 to wirelessly communicate with each other. This wirelesscommunication can comprise transmitting advertisements on wirelesschannels to enable electronic devices to make initial contact or detecteach other, followed by exchanging subsequent data/management frames(such as association requests and responses) to establish a connection,configure security options (e.g., Internet Protocol Security, Wi-FiProtected Access), transmit and receive frames that include packets viathe connection, etc.

Moreover, as can be seen in FIGS. 1 and 5 , wireless signals 128(represented by jagged lines) are transmitted by radios 126 in radionode 110, electronic device 112 and/or access point 114. For example,radio 126-3 in access point 114 may transmit information (such as framesthat include packets) using wireless signals 128-2. These wirelesssignals are received by radios 126 in one or more other electronicdevices (such as radio 126-2 in electronic device 112). This may allowaccess point 114 to communicate information to radio node 110 and/orelectronic device 112. Note that wireless signals 128-1 may convey LTEframes or packets, and wireless signals 128-2 may convey Wi-Fi frames orpackets.

In the described embodiments, processing a frame that includes packetsin radio node 110, electronic device 112 and/or access point 114 mayinclude: receiving the wireless signals with the frame;decoding/extracting the frame from the received wireless signals toacquire the frame; and processing the frame to determine informationcontained in the payload of the frame (such as the packet).

Although we describe the network environments shown in FIGS. 1 and 5 asexamples, in alternative embodiments, different numbers or types ofelectronic devices may be present. For example, some embodimentscomprise more or fewer electronic devices. As another example, inanother embodiment, different electronic devices are transmitting and/orreceiving frames that include packets.

We now describe embodiments of methods. FIG. 6 presents a flow diagramillustrating a method 600 for establishing communication with anelectronic device and a cellular-telephone network according to someembodiments. This method may be performed by an access point (or a WLANcontroller), such as access point 114 (FIG. 1 ). During operation, theaccess point advertises support for a communication protocol (operation610) in beacons and/or probe responses. For example, the communicationprotocol may include: a Hotspot 2.0 protocol, and/or one or more LWAprotocols.

Then, the access point receives, from the electronic device, a query(operation 612) for identifiers of one or more cellular-telephonenetworks supported by the access point. For example, the query may becompatible with an ANQP and the identifiers may include PLMNidentifiers.

Moreover, in response to the query the access point provides, to theelectronic device, the identifiers (operation 614) of the one or morecellular-telephone networks that provide communication via one or moreLWA protocols, and which are supported by the access point.

Next, the access point receives, from the electronic device, anassociation request (operation 616), and associates with the electronicdevice (operation 618) in response to the association request.

In some embodiments, the access point optionally performs one or moreadditional operations (operation 620). For example, the access point mayreceive, from the electronic device, an authentication request withcredentials of the electronic device with the cellular-telephonenetwork, and the access point may forward the authentication request toa server associated with the cellular-telephone network. In particular,the access point may communicate the authentication request with theserver via a RADIUS protocol. Additionally, the access point mayreceive, from the server, an acceptance message that includesinformation used to generate encryption keys for an IEEE 802.11 sessionbetween the access point and the electronic device. The access point mayprovide this information to the electronic device and/or may use theinformation to generate an encryption key for use by the access pointduring the IEEE 802.11 session. Alternatively or additionally, theaccess point may assist the radio node in performing load or trafficbalancing with the electronic device. In particular, the access pointmay receive, from the radio node, LTE PDCP datagrams that areencapsulated into IEEE 802.11 MAC frames. Then, the access point maycommunicate the IEEE 802.11 MAC frames to the electronic device. Notethat the load balancing may involve LWA protocols such as: transportprotocols (e.g., GTP-U over UDP) and/or Xw-c/m over SCTP), a controlprotocol, a management protocol, and/or user traffic over thesetransports.

Embodiments of the communication technique are further illustrated inFIG. 7 , which presents a drawing illustrating communication betweenradio node 110, electronic device 112, access point 114 andauthentication server 122 according to some embodiments. In particular,during the LTE registration, radio node 110 may provision LWA_PLMN 710element value of a cellular-telephone network to electronic device 112.

Subsequently (but not necessarily), access point 114 may broadcastbeacons 712 that include or advertise support for a communicationprotocol, such as Hotspot 2.0 and/or one or more LWA protocols. Inresponse, electronic device 112 may send an ANQP query 714 for theLWA_PLMN element(s) supported on access point 114. Then, access point114 may send, via ANQP, a capability list 716 with the supportedLWA_PLMN element(s).

Electronic device 112 may compare 718 the pre-provisioned LWA_PLMN 710element value with the LWA_PLMN element(s) returned by access point 114.If there is a match between the LWA_PLMN element values, electronicdevice 112 may associate 720 with access point 114. Alternatively, ifthe LWA_PLMN element values do not match, electronic device 112 may notassociate.

Then, electronic device 112 may attempt to authenticate using IEEE802.11x using its cellular credential in an authentication message 722.In response, access point 114 may forward authentication message 722 toauthentication server 122 using a RADIUS protocol over a wired (such asEthernet) and/or a wireless connection.

Authentication server 122 may perform validation 724 of the cellularcredential of electronic device 112. If the authentication issuccessful, an acceptance message 726 may be returned via RADIUS toaccess point 114 along with information 728 used to generate dynamicencryption keys for the Wi-Fi session between electronic device 112 andaccess point 114. In response, access point 114 may provide information728 to electronic device 112 and/or may use information 728 to generatean encryption key 730 for use by access point 114 during the Wi-Fisession. In some embodiments, access point 114 uses information 728 togenerate an encryption key 732 for use by electronic device 112, whichaccess point 114 provides to electronic device 112. Otherwise,electronic device 112 may use information 728 to generate encryption key732.

Furthermore, subsequently radio node 110 may communicate LTE frames 734with electronic device 112, and may perform load or traffic balancing bycommunicating data 736 to access point 114, which then communicatesWi-Fi frames 738 that include data 736 to electronic device 112.

FIG. 8 presents a flow diagram illustrating a method 800 forestablishing communication with an electronic device and acellular-telephone network according to some embodiments. This methodmay be performed by an access point, such as access point 114 (FIG. 1 ).During operation, the access point provides messages (operation 810)that include one or more PLMN identifiers of one or morecellular-telephone networks that are supported by the access point.Then, the access point receives information (operation 812) specifying aradio node from the WLAN controller. (However, in other embodiments theorder of operations 810 and 812 are reversed.) Moreover, the accesspoint establishes a secure-communication pathway (operation 814) withthe radio node based on the information, where the secure-communicationpathway takes data associated with frames for a Long Term Evolution(LTE) communication protocol and encapsulates the data in frames for anIEEE 802.11 communication protocol. Next, the access point associateswith an electronic device (operation 816). Furthermore, the access pointreceives data (operation 818) for the electronic device from the radionode via the secure-communication pathway, and provides the data(operation 820) to the electronic device using the IEEE 802.11communication protocol.

Embodiments of the communication technique are further illustrated inFIG. 9 , which presents a drawing illustrating communication betweenradio node 110, electronic device 112 access point 114 and access points512 according to some embodiments. In particular, access point 114 mayadvertise support for one or more cellular-telephone networks byincluding one or more PLMN identifiers in messages 910 that arebroadcast by access point 114. Electronic 112 may receive one of thesemessages. Moreover, electronic device 112 may receive additionalmessages 912 from one or more access points 512.

Then, electronic device 112 may provide a candidate list 914 to radionode 110 with information specifying access point 114 and/or the one ormore access points 512 that support communication with thecellular-telephone network that is associated with radio node 110.

After receiving candidate list 914, radio node 110 may provideinformation 916 specifying access point 114 and/or the one or moreaccess points 512 to WLAN controller 124. In response, WLAN controller124 may access a stored network address 918 of access point 114 andperformance feedback 920 about access point 114. Furthermore, WLANcontroller 124 may provide network address 918 and performance feedback920 to radio node 110. Next, WLAN controller 124 may provide additionalinformation 922 specifying radio node 110 to access point 114.

In response to radio node 110 receiving network address 918 andperformance feedback 920, and access point 114 receiving additionalinformation 922, radio node 110 and access point 114 may set up asecure-communication pathway 924.

Additionally, radio node 110 may instruct 926 electronic device 112 toassociate with access point 114. In response, electronic device 112 mayassociate 928 with access point 114, thereby establishing a Wi-Ficonnection between electronic device 112 and access point 114.

Subsequently, radio node 110 can communicate LTE data frames 930 usingLTE with an electronic device 112 and, based on performance feedback920, radio node 110 may perform load or traffic balancing bycommunicating data 932 to access point 114, which then communicatesWi-Fi frames 934 that include data 932 to electronic device 112.Furthermore, electronic device 112 may aggregate 936 or re-concatenatethe two sources of data frames or packets back into the LTE data streamwith LTE PDCP datagrams.

In some embodiments of methods 600 (FIG. 6 ) and/or 800, there may beadditional or fewer operations. Moreover, the order of the operationsmay be changed, and/or two or more operations may be combined into asingle operation.

We now describe embodiments of an electronic device, such as radio node110, electronic device 112, access point 114 and/or WLAN controller 124in FIGS. 1 and 5 that performs at least some of the operations in thecommunication technique. FIG. 10 presents a block diagram illustratingan electronic device 1000 in accordance with some embodiments. Thiselectronic device includes processing subsystem 1010, memory subsystem1012, and networking subsystem 1014. Processing subsystem 1010 includesone or more devices configured to perform computational operations. Forexample, processing subsystem 1010 can include one or moremicroprocessors, application-specific integrated circuits (ASICs),microcontrollers, programmable-logic devices, and/or one or more digitalsignal processors (DSPs).

Memory subsystem 1012 includes one or more devices for storing dataand/or instructions for processing subsystem 1010 and networkingsubsystem 1014. For example, memory subsystem 1012 can include dynamicrandom access memory (DRAM), static random access memory (SRAM), and/orother types of memory. In some embodiments, instructions for processingsubsystem 1010 in memory subsystem 1012 include: one or more programmodules or sets of instructions (such as program module 1022 oroperating system 1024), which may be executed by processing subsystem1010. Note that the one or more computer programs may constitute acomputer-program mechanism. Moreover, instructions in the variousmodules in memory subsystem 1012 may be implemented in: a high-levelprocedural language, an object-oriented programming language, and/or inan assembly or machine language. Furthermore, the programming languagemay be compiled or interpreted, e.g., configurable or configured (whichmay be used interchangeably in this discussion), to be executed byprocessing subsystem 1010.

Networking subsystem 1014 includes one or more devices configured tocouple to and communicate on a wired and/or wireless network (i.e., toperform network operations), including: control logic 1016, an interfacecircuit 1018 and one or more antennas 1020 (or antenna elements). (WhileFIG. 10 includes one or more antennas 1020, in some embodimentselectronic device 1000 includes one or more antenna nodes, such as nodes1008, e.g., a pad, which can be coupled to the one or more antennas1020. Thus, electronic device 1000 may or may not include the one ormore antennas 1020.) For example, networking subsystem 1014 can includea Bluetooth™ networking system, a cellular networking system (e.g., a3G/4G network such as UMTS, LTE, etc.), a universal serial bus (USB)networking system, a networking system based on the standards describedin IEEE 802.11 (e.g., a Wi-Fi® networking system), an Ethernetnetworking system, and/or another networking system.

Networking subsystem 1014 includes processors, controllers,radios/antennas, sockets/plugs, and/or other devices used for couplingto, communicating on, and handling data and events for each supportednetworking system. Note that mechanisms used for coupling to,communicating on, and handling data and events on the network for eachnetwork system are sometimes collectively referred to as a ‘networkinterface’ for the network system. Moreover, in some embodiments a‘network’ or a ‘connection’ between the electronic devices does not yetexist. Therefore, electronic device 1000 may use the mechanisms innetworking subsystem 1014 for performing simple wireless communicationbetween the electronic devices, e.g., transmitting advertising or beaconframes and/or scanning for advertising frames transmitted by otherelectronic devices as described previously.

Within electronic device 1000, processing subsystem 1010, memorysubsystem 1012, and networking subsystem 1014 are coupled together usingbus 1028. Bus 1028 may include an electrical, optical, and/orelectro-optical connection that the subsystems can use to communicatecommands and data among one another. Although only one bus 1028 is shownfor clarity, different embodiments can include a different number orconfiguration of electrical, optical, and/or electro-optical connectionsamong the subsystems.

In some embodiments, electronic device 1000 includes a display subsystem1026 for displaying information on a display.

Electronic device 1000 can be (or can be included in) any electronicdevice with at least one network interface. For example, electronicdevice 1000 can be (or can be included in): a desktop computer, a laptopcomputer, a subnotebook/netbook, a server, a tablet computer, asmartphone, a cellular telephone, a consumer-electronic device, aportable computing device, an access point, a transceiver, a router, aswitch, communication equipment, test equipment, and/or anotherelectronic device.

Although specific components are used to describe electronic device1000, in alternative embodiments, different components and/or subsystemsmay be present in electronic device 1000. For example, electronic device1000 may include one or more additional processing subsystems, memorysubsystems, networking subsystems, and/or display subsystems.Additionally, one or more of the subsystems may not be present inelectronic device 1000. Moreover, in some embodiments, electronic device1000 may include one or more additional subsystems that are not shown inFIG. 10 . Also, although separate subsystems are shown in FIG. 10 , insome embodiments some or all of a given subsystem or component can beintegrated into one or more of the other subsystems or component(s) inelectronic device 1000. For example, in some embodiments program module1022 is included in operating system 1024 and/or control logic 1016 isincluded in interface circuit 1018.

While the preceding discussion used Wi-Fi and LTE communicationprotocols as illustrative examples, in other embodiments a wide varietyof cellular-telephone communication protocols and, more generally,wireless communication techniques may be used. Thus, the communicationtechnique may be used in a variety of network interfaces. Furthermore,while some of the operations in the preceding embodiments wereimplemented in hardware or software, in general the operations in thepreceding embodiments can be implemented in a wide variety ofconfigurations and architectures. Therefore, some or all of theoperations in the preceding embodiments may be performed in hardware, insoftware or both. For example, at least some of the operations in thecommunication technique may be implemented using program module 1022,operating system 1024 (such as a driver for interface circuit 1018) orin firmware in interface circuit 1018. Alternatively or additionally, atleast some of the operations in the communication technique may beimplemented in a physical layer, such as hardware in interface circuit1018.

In the preceding description, we refer to ‘some embodiments.’ Note that‘some embodiments’ describes a subset of all of the possibleembodiments, but does not always specify the same subset of embodiments.

The foregoing description is intended to enable any person skilled inthe art to make and use the disclosure, and is provided in the contextof a particular application and its requirements. Moreover, theforegoing descriptions of embodiments of the present disclosure havebeen presented for purposes of illustration and description only. Theyare not intended to be exhaustive or to limit the present disclosure tothe forms disclosed. Accordingly, many modifications and variations willbe apparent to practitioners skilled in the art, and the generalprinciples defined herein may be applied to other embodiments andapplications without departing from the spirit and scope of the presentdisclosure. Additionally, the discussion of the preceding embodiments isnot intended to limit the present disclosure. Thus, the presentdisclosure is not intended to be limited to the embodiments shown, butis to be accorded the widest scope consistent with the principles andfeatures disclosed herein.

What is claimed is:
 1. A radio node, comprising: an antenna; at leastone antenna node configured to couple to the antenna; and an interfacecircuit, coupled to at least the one antenna node, configured tocommunicate with an access point in a wireless local area network (WLAN)and an electronic device, wherein the radio node is included in acellular-telephone network, and wherein the radio is configured to:receive, at the interface circuit, a candidate list associated with theelectronic device, wherein the candidate list comprises informationspecifying the access point that supports communication with thecellular-telephone network; establish, via the interface circuit, asecure-communication pathway with the access point based at least inpart on the information; provide, from the interface circuit, a messageaddressed to the electronic device, wherein the message instructions theelectronic device to associate with the access point; and communicate,from the interface circuit and via the secure-communication pathway,frames addressed to the access point, wherein the frames are intendedfor the electronic device and the frames are compatible with acellular-telephone communication protocol.
 2. The radio node of claim 1,wherein the frames comprise second information specifying the radionode.
 3. The radio node of claim 1, wherein the radio node is configuredto communicate, from the interface circuit, second frames addressed tothe electronic device; and wherein the second frames are compatible withthe cellular-telephone communication protocol.
 4. The radio node ofclaim 1, wherein the cellular-telephone communication protocol comprisesLong Term Evolution (LTE).
 5. The radio node of claim 1, wherein theradio node comprises an evolved node B (eNB).
 6. The radio node of claim1, wherein the secure-communication pathway comprises a tunnel; andwherein establishing the tunnel comprises additional communicationbetween the radio node and the access point.
 7. The radio node of claim1, wherein the communication with the access point comprises Long TermEvolution Wi-Fi aggregation (LWA).
 8. The radio node of claim 1, whereinthe secure-communication pathway comprises an Xw interface.
 9. Anon-transitory computer-readable storage medium for use in conjunctionwith a radio node, the computer-readable storage medium storing programinstructions that, when executed by the radio node, causes the radionode to perform operations comprising: receiving a candidate listassociated with an electronic device, wherein the candidate listcomprises information specifying an access point in a wireless localarea network (WLAN) that supports communication with acellular-telephone network that includes the radio node; establishing asecure-communication pathway with the access point based at least inpart on the information; providing a message addressed to the electronicdevice, wherein the message instructions the electronic device toassociate with the access point; and communicating, via thesecure-communication pathway, frames addressed to the access point,wherein the frames are intended for the electronic device and the framesare compatible with a cellular-telephone communication protocol.
 10. Thenon-transitory computer-readable storage medium of claim 9, wherein theframes include second information specifying the radio node.
 11. Thenon-transitory computer-readable storage medium of claim 9, wherein theoperations comprise communicating second frames addressed to theelectronic device; and wherein the second frames are compatible with thecellular-telephone communication protocol.
 12. The non-transitorycomputer-readable storage medium of claim 9, wherein thecellular-telephone communication protocol comprises Long Term Evolution(LTE).
 13. The non-transitory computer-readable storage medium of claim9, wherein the radio node comprises an evolved node B (eNB).
 14. Thenon-transitory computer-readable storage medium of claim 9, wherein thesecure-communication pathway comprises a tunnel; and whereinestablishing the tunnel comprises additional communication between theradio node and the access point.
 15. The non-transitorycomputer-readable storage medium of claim 9, wherein the communicationwith the access point comprises Long Term Evolution Wi-Fi aggregation(LWA).
 16. The non-transitory computer-readable storage medium of claim9, wherein the secure-communication pathway comprises an Xw interface.17. A method for communicating via a secure-communication pathway,comprising: by a radio node: receiving a candidate list associated withan electronic device, wherein the candidate list comprises informationspecifying an access point in a wireless local area network (WLAN) thatsupports communication with a cellular-telephone network that includesthe radio node; establishing the secure-communication pathway with theaccess point based at least in part on the information; providing amessage addressed to the electronic device, wherein the messageinstructions the electronic device to associate with the access point;and communicating, via the secure-communication pathway, framesaddressed to the access point, wherein the frames are intended for theelectronic device and the frames are compatible with acellular-telephone communication protocol.
 18. The method of claim 17,wherein the method comprises communicating second frames addressed tothe electronic device; and wherein the second frames are compatible withthe cellular-telephone communication protocol.
 19. The method of claim17, wherein the cellular-telephone communication protocol comprises LongTerm Evolution (LTE).
 20. The method of claim 17, wherein the radio nodecomprises an evolved node B (eNB).